Nginx 'ngx_cpystrn()' Information Disclosure Vulnerability Network Vulnerability

Summary

nginx is prone to an information-disclosure vulnerability. Attackers can exploit this issue to harvest sensitive information that may lead to further attacks.

Solution

Updates are available. Please see the references for more information.

References

http://nginx.org/
http://seclists.org/bugtraq/2012/Mar/65
http://trac.nginx.org/nginx/changeset/4530/nginx
http://www.securityfocus.com/bid/52578
https://bugzilla.redhat.com/show_bug.cgi?id=803856

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-1180
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Cherokee Web Server Malformed Packet Remote Denial of Service Vulnerability
Apache Tomcat Partial HTTP Requests DoS Vulnerability (Windows)
Apache Directory Listing
Check for bdir.htr files
Apache Tomcat HTTP NIO Denial Of Service Vulnerability (Windows)

nginx 'ngx_cpystrn()' Information Disclosure Vulnerability

Take action and discover your vulnerabilities